Thursday, February 21, 2019

Kubernetes (k8s) is an open source container management platform designed to run enterprise-class, cloud-enabled and web-scalable IT workloads. With the rise of containerization in the world of DevOps, the need for a platform to effectively orchestrate these containers also grew. Since Kubernetes operates at the container level rather than at the hardware level, it provides some generally applicable features common to PaaS offerings. It is a vendor-agnostic cluster and container management tool, open-sourced by Google in 2014.

Kubernetes Architecture:

Kubernetes is designed on the principles of scalability, availability, security and portability. It optimizes the cost of infrastructure by efficiently distributing the workload across available resources. Like most distributed computing platforms, a Kubernetes cluster consists of at least one master and multiple compute nodes (also known as worker nodes). The master is responsible for exposing the application program interface (API), scheduling the deployments and managing the overall cluster. Each node runs a container runtime, such as Docker or rkt (a container system developed by CoreOS as a lightweight and secure alternative to Docker), along with an agent that communicates with the master. The node also runs additional components for logging, monitoring, service discovery and optional add-ons. Nodes are the workhorses of a Kubernetes cluster. They expose compute, networking and storage resources to applications. Nodes can be virtual machines (VMs) running in a cloud or bare metal servers running within the data center.

A pod is a collection of one or more containers. The pod serves as Kubernetes' core unit of management. Pods act as the logical boundary for containers sharing the same context and resources: the containers of one pod share a network namespace (they reach each other on localhost and share one IP), IPC namespace and volumes, so a compromise of one container is a compromise of the pod's network identity. The grouping mechanism of pods makes up for the differences between containerization and virtualization by making it possible to run multiple dependent processes together. At runtime, pods can be scaled by creating replica sets, which ensure that the deployment always runs the desired number of pods.

Replica sets deliver the required scale and availability by maintaining a pre-defined set of pods at all times. A single pod or a replica set can be exposed to internal or external consumers via services. Services enable the discovery of pods by associating a set of pods with a specific criterion. Pods are associated with services through key-value pairs: labels on the pods and a selector on the service. Any new pod whose labels match the selector is automatically discovered by the service. This architecture provides a flexible, loosely-coupled mechanism for service discovery.
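As an added example (not from the original post), the following manifests show how the pieces described above fit together: a Deployment that asks for three replicas of a pod labelled app=web (the Deployment creates and manages the ReplicaSet that keeps the count), and a Service whose selector matches that label. The namespace, names, labels, image and ports are assumptions made for illustration.

```yaml
# Added example, not part of the original post. The namespace, names,
# labels, image and ports are assumptions for illustration.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
  namespace: demo
spec:
  replicas: 3                 # the ReplicaSet created by this Deployment keeps 3 pods running
  selector:
    matchLabels:
      app: web                # the ReplicaSet owns pods carrying this label
  template:
    metadata:
      labels:
        app: web              # every pod from this template gets the label the selectors look for
        tier: backend
    spec:
      containers:
      - name: web
        image: registry.example.com/web:1.0   # assumed image, listens on 8080
        ports:
        - containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
  name: web
  namespace: demo
spec:
  type: ClusterIP             # reachable from inside the cluster only
  selector:
    app: web                  # any pod in this namespace with app=web becomes an endpoint
  ports:
  - name: http
    port: 80                  # port clients connect to on the Service's cluster IP
    targetPort: 8080          # port the container actually listens on
```

After applying the file, kubectl get endpoints web -n demo lists the IPs of the three pods; scale the Deployment and the list follows. Note that the selection is purely label-based: any pod in the namespace that carries app=web, whoever created it, is added to the Service's endpoints. Control over who may create or relabel pods in a namespace (RBAC) is therefore also control over who can receive that Service's traffic.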

Definitions of Kubernetes objects, such as pods, replica sets and services, are submitted to the master. Based on the defined requirements and the availability of resources, the master schedules each pod on a specific node. The node pulls the images from the container image registry and coordinates with the local container runtime to launch the containers.

etcd is an open source, distributed key-value database from CoreOS, which acts as the single source of truth (SSOT) for all components of the Kubernetes cluster. The master queries etcd to retrieve various parameters of the state of the nodes, pods and containers.

i) Master Components

Master components provide the cluster's control plane. They make global decisions about the cluster (for example, scheduling) and detect and respond to cluster events (for example, starting a new pod when a replication controller's 'replicas' field is unsatisfied). The master stores the state and configuration data for the entire cluster in etcd, a persistent and distributed key-value store. Nodes do not read etcd directly: the kubelet on each node watches the API server, which is the only component that should talk to etcd, and learns from it which containers it must run and how they must be configured. Because etcd holds everything in the cluster, Secrets included, it should be reachable only by the API server and protected with TLS client authentication. You can run etcd on the Kubernetes master or in a standalone (external) configuration.

kube-apiserver: the front end of the control plane. It validates and serves the Kubernetes REST API, authenticates and authorizes every request, and is the only component that should read from or write to etcd.

etcd: the consistent, distributed key-value store holding all cluster state (see above).

kube-scheduler: watches for newly created pods that have no node assigned and picks a node for each, based on the pod's resource requests and constraints and the nodes' available capacity.

kube-controller-manager: runs the controllers (node, replication, endpoints, service-account and token controllers, among others) that continuously drive the cluster's actual state toward the desired state recorded through the API server.

cloud-controller-manager: runs the controllers that interact with the underlying cloud provider (node, route and service controllers), so that cloud-specific code is kept out of the core components.

ii) Node Components

Node components run on every node, maintaining running pods and providing the Kubernetes runtime environment: the kubelet (the agent that registers the node with the API server and runs the pods scheduled to it), kube-proxy (which programs the node's network rules so that Service traffic reaches the right pods) and the container runtime. All nodes in a Kubernetes cluster must be configured with a container runtime, which is typically Docker. The container runtime starts and manages the containers as they are deployed to nodes in the cluster by Kubernetes.

The Weave Net add-on for Kubernetes comes with a Network Policy Controller that watches the cluster for NetworkPolicy objects in every namespace and programs iptables rules on each node to allow or block pod traffic as the policies direct. Without a network plugin that enforces them, NetworkPolicy objects are accepted by the API server but have no effect.

NOTE: You MUST disable swap in order for the kubelet to work properly.

Step 15: Configure the Kubernetes and Docker repositories on the worker node (same as the steps above for the master).

Step 16: Install Docker.

Step 17: Start and enable the Docker service.

Step 18: Join the worker node to the master node. When the Kubernetes master was initialized, the output of kubeadm init ended with a join command carrying a bootstrap token. Copy that command and run it on the worker:

    [root@worker-node ~]# kubeadm join IP_ADDRESS_master-node:6443 --token od9n1d.rltj6quqmm2kojd7 --discovery-token-ca-cert-hash sha256:9ea1e1163550080fb9f5f63738fbf094f065de12cd38f493ec4e7c67c735fc7b
    [preflight] Running pre-flight checks
    [discovery] Trying to connect to API Server "IP_ADDRESS_master-node:6443"
    [discovery] Created cluster-info discovery client, requesting info from "https://IP_ADDRESS_master-node:6443"
    [discovery] Requesting info from "https://IP_ADDRESS_master-node:6443" again to validate TLS against the pinned public key
    [discovery] Cluster info signature and contents are valid and TLS certificate validates against pinned roots, will use API Server "IP_ADDRESS_master-node:6443"
    [discovery] Successfully established connection with API Server "IP_ADDRESS_master-node:6443"
    [join] Reading configuration from the cluster...
    [join] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
    [kubelet] Downloading configuration for the kubelet from the "kubelet-config-1.13" ConfigMap in the kube-system namespace
    [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
    [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
    [kubelet-start] Activating the kubelet service
    [tlsbootstrap] Waiting for the kubelet to perform the TLS Bootstrap...
    [patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "worker-node" as an annotation

    This node has joined the cluster:
    * Certificate signing request was sent to apiserver and a response was received.
    * The Kubelet was informed of the new secure connection details.

    Run 'kubectl get nodes' on the master to see this node join the cluster.
    [root@worker-node ~]#

This starts the kubelet and the other services the node requires. Two parts of that command matter for security. The --token value is a bootstrap credential: any host that holds it can enrol itself in the cluster, so treat it as a secret (kubeadm's tokens expire after 24 hours by default). The --discovery-token-ca-cert-hash value pins the cluster CA, which is what the "validate TLS against the pinned public key" lines above refer to; it prevents a worker from being tricked into bootstrapping against an impostor API server, so do not replace it with --discovery-token-unsafe-skip-ca-verification.

Step 19: Verify the node status from the master node using kubectl:

    [root@master-node]# kubectl get nodes
    NAME          STATUS   ROLES    AGE    VERSION
    master-node   Ready    master   119m   v1.13.3
    worker-node   Ready    <none>   49m    v1.13.3
    [root@master-node ]#

Both the master and the worker node are in Ready status. This confirms that Kubernetes 1.13.3 has been installed successfully and that the worker node has joined the cluster. Now we can create pods and services.
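The join in Step 18 can also be driven by a kubeadm configuration file (kubeadm join --config join.yaml), which makes the CA pinning explicit and reviewable instead of buried in a copied command line. The file below is an added example, not part of the original post; it carries the same values as the Step 18 command (the endpoint placeholder, the token and the CA hash, the latter two being that post's sample values and long since expired) in the v1beta1 JoinConfiguration format that kubeadm 1.13 uses. On the master, the expected hash is derived from the CA certificate with the command documented by kubeadm: openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

```yaml
# Added example, not from the original post. Run on the worker with:
#   kubeadm join --config join.yaml
# The endpoint placeholder, token and CA hash are copied from the Step 18
# command in the post (token and hash are that cluster's sample values).
apiVersion: kubeadm.k8s.io/v1beta1
kind: JoinConfiguration
discovery:
  bootstrapToken:
    apiServerEndpoint: IP_ADDRESS_master-node:6443
    token: od9n1d.rltj6quqmm2kojd7            # bootstrap token printed by kubeadm init; a secret with a 24h TTL by default
    caCertHashes:
    - "sha256:9ea1e1163550080fb9f5f63738fbf094f065de12cd38f493ec4e7c67c735fc7b"   # pins the cluster CA public key
    unsafeSkipCAVerification: false           # never true outside a throwaway lab
  tlsBootstrapToken: od9n1d.rltj6quqmm2kojd7  # token the kubelet uses for its TLS bootstrap (defaults to the one above)
nodeRegistration:
  name: worker-node
  criSocket: /var/run/dockershim.sock         # Docker via dockershim, as in the Step 18 output
```

Once the node shows Ready, revoke the token on the master with kubeadm token delete od9n1d.rltj6quqmm2kojd7 (kubeadm token list shows which tokens are still valid). A long-lived or leaked bootstrap token is all an attacker needs to enrol a rogue node, and with the CA check disabled the same worker could be pointed at an attacker's API server.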